Even more, if you want not only authentication (authenticating existing users) but also user creation you can turn autocreation on by setting autocreation:true. If you do so, when a user with the trusted header performs his first request his user will be created automatically. This feature requires that field is set to email, since the new user will be created with it: